How to setup pfSense OpenVPN for Remote Access?

This article shows you how to setup the OpenVPN on pfSense, so that a user can securely access their application servers without the needs to open public ports on the firewall.

* This procedure works for pfSense 2.0.x.
* This procedure use the pfSense internal user database, this is suitable for companies with only a few remote users. (In larger deployment, pfSense can use LDAP for centralized authentication).

[[[TOC]]]

== Create SSL Certificates ==
# Before we can install our OpenVPN server, we must set up our own certificate authority and a self-signed SSL server certificate. Please read [[How to setup pfSense SSL Certificate Authority]] for how to create them.

== Check Firewall Rules ==
# Now, we need to make sure the follow firewall rules were correctly added by the wizard.
# Open Firewall > Rules. On the WAN tab, there should be a rule that open the OpenVPN Server port on WAN.
# Open the OpenVPN tab, there should be a rule that allow everything from/to the OpenVPN network.

== Create Users ==
# Open System > User Manager. Open the Users tab. Click [+] to add a new user.
# Create an user “John”. Select “Click to create a user certificate”.
# Input the Descriptive name and click Save.

Now, our OpenVPN server has been installed. Next step is to install OpenVPN client for our Windows and Mac Users.

Permanent link to this article: https://www.sxl.net/how-to-setup-pfsense-openvpn-for-remote-access/